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Techniques for trusted software engineering 

Premkumar T. Devanbu, Philip W-L Fong, Stuart G. Stubblebine 

April 1998 Proceedings of the 20th international conference on Software engineering 
ICSE '98 

Publisher: IEEE Computer Society 

Full text available:^ .„„ OH [fjj] 
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2 Securit y issue s sur r o un d i n g programming languages for mo bile cod e: JAVA vs. Safe- J 
Tel 

Stefanos Gritzalis, George Aggelis 

April 1998 ACM SIGOPS Operating Systems Review, volume 32 issue 2 
Publisher: ACM Press 

Full text available: ^ gpdfd.42 MB) Additional Information: full citation , abstract , references 

JAVA is claimed to be a system programming language having a number of advantages 
over traditional programming languages. These advantages stem from the fact that it is a 
platform - independent language, thus promising truly network oriented computing as 
long as a nearly universal system for distributing applications. On the other hand, 
although being an interpreted, much simpler, scripting language, Safe-Tel was proposed 
as an executable contents type of MIME and thus as the standard language f ... 

3 Security issues in distributed software 
Richard A. Kemmerer 

November 1997 ACM SIGSOFT Software Engineering Notes , Proceedings of the 6th 
European conference held jointly with the 5th ACM SIGSOFT 
international symposium on Foundations of software engineering 
ESEC '97/FSE-5, Volume 22 Issue 6 
Publisher: Springer-Verlag New York, Inc., ACM Press 

Full text available: *g) pdf( 63 2.79 KB ) Additional Information: full citation, rMerences, index terms 
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Thomas Naps, Joseph Bergin, Ricardo Jimenez-Peris, Myles F. McNally, Marta Patino- 
Martmez, Viera K. Proulx, Jorma Tarhio 

June 1997 The supplemental proceedings of the conference on Integrating 

technology into computer science education: working group reports and 
supplemental proceedings ITiCSE-WGR '97 

Publisher: ACM Press 

Full text available: ^ pdf(85.85 KB) Additional Information: full citation , references , citings, index terms 



5 Using the WWW as the delivery mechanism for interactive, visulaization-based 
<i> instructional m o d ul e s : report o f the ITiCSE '97 working group on visualjzMion 
^ Thomas Naps, Joseph Bergin, Ricardo Jimenez-Peris, Myles F. McNally, Marta Patino- 

Martinez, Viera K. Proulx, Jorma Tarhio 

October 1997 ACM SIGCUE Outlook, volume 25 issue 4 

Publisher: ACM Press 

Full text available: ^pdf(1.57 MB) Additional Information: full citation , abstract , references , index terms 

Visualization has long been an important pedagogical tool in CS education. The 
widespread use of the Web and the introduction of Java, with its ability to present 
interactive animated applets and other types of animation, all provide opportunities to 
expand the availability of visualization-based teaching and learning tools. In addition, the 
Web introduces new opportunities not available in traditional settings. We start by 
identifying the types of learning objectives that can be supported by vis ... 

Javeli n ++: scalability issues in global computing 
Michael O. Neary, Sean P. Brydon, Paul Kmiec, Sami Rollins, Peter Cappello 
June 1999 Proceedings of the ACM 1999 conference on Java Grande JAVA v 99 

Publisher: ACM Press 

Full text available: ^pdf(1.34 MB) Additional Information: full citation, references, citings, index terms 



7 Programmin g languages for mobile code 
y^&v Tommy Thorn 

September 1997 ACM Computing Surveys (CSUR), volume 29 issue 3 

Publisher: ACM Press 

Full text available: fB pdf(393.65 KB) Additional lnformation: M dtatjon, abstract, references, dtings, index 
^ r.™v te rms, review 

Sun's announcement of the programming language Java more that anything popularized 
the notion of mobile code, that is, programs traveling on a heterogeneous network and 
automatically executing upon arrival at the destination. We describe several classes of 
mobile code and extract their common characteristics, where security proves to be one of 
the major concerns. With these characteristics as reference points, we examine six 
representative languages proposed for mobile code. The conclusion ... 

Keywords: Java, Limbo, Objective Caml, Obliq, Safe-Tel, distribution, formal methods, 
mobile code, network programming, object orientation, portability, safety, security, 
telescript 
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V Martin Abadi, Neal Glew 

May 2002 Proceedings of the 11th international conference on World Wide Web 
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WWW '02 

Publisher: ACM Press 

Full text available: ^[ pdf(189.19 KB) Additional Information: full citation, abstract, citings, ind ex term s 

This paper presents a new protocol for certified email. The protocol aims to combine 
security, scalability, easy implementation, and viable deployment. The protocol relies on a 
light on-line trusted third party; it can be implemented without any special software for 
the receiver beyond a standard email reader and web browser, and does not require any 
public-key infrastructure. 

HCI for Web-based development of interactive medical multimedia courseware - 

lessons learned 
Biil Janvier 

April 2000 ACM SIGBIO Newsletter, volume 20 issue 1 
Publisher: ACM Press 

Full text available: ^ pdf(355.43 KB) Additional Information: full cit ation, abstract, i nde x terms 

This is an industrial placement project, which aimed at implementing principles from 
Human Computer Interaction (HCI) to develop a usable interactive Web Site for the 
Central Manchester Healthcare NHS Trust. Some of the lessons learned from this 
experience are reported here in the article. This report starts with an appraisal of how 
learning develops to outline the components required in any learning package. The 
development life cycle has been outlined, starting with defining problem specificati ... 

10 Integrating open hy permedia s y ste m s with the World Wide Web 
Kenneth M. Anderson 

April 1997 Proceedings of the eighth ACM conference on Hypertext HYPERTEXT '97 
Publisher: ACM Press 

Full text available: ^| pdf(1.00 MB) Additional Information: full citation , references , citings , index terms 



Keywords: Chimera, World Wide Web, integration, open hypermedia systems 



11 Cust omi zat ion 1: Au t omation and c ust o mization o f re nder ed w eb pages 
Michael Bolin, Matthew Webber, Philip Rha, Tom Wilson, Robert C. Miller 
October 2005 Proceedings of the 18th annual ACM symposium on User interface 

software and technology UIST '05 
Publisher: ACM Press 

Full text available: « pdf(804,45 KB) Additional "Nation: full citation , abstract, references, dtings, index 

" terms 

On the desktop, an application can expect to control its user interface down to the last 
pixel, but on the World Wide Web, a content provider has no control over how the client 
will view the page, once delivered to the browser. This creates an opportunity for end- 
users who want to automate and customize their web experiences, but the growing 
complexity of web pages and standards prevents most users from realizing this 
opportunity. We describe Chickenfoot, a programming system embedded in the Fir ... 

Keywords: web automation, web browsers 
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Daniel R. Allen 

August 2003 Linux Journal volume 2003 issue 112 
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Publisher: Specialized Systems Consultants, Inc. 

Full text available: jj) html(20.23 KB ) Additional Information: full citation , a bstra c t 

You know it's the secure way to connect to your server. But OpenSSH is fast and 
convenient too. 

13 Trusted paths for browsers 

Zishuang (Eileen) Ye, Sean Smith, Denise Anthony 

May 2005 ACM Transactions on Information and System Security (TISSEC), volume 8 

Issue 2 

Publisher: ACM Press 

r- 1. 4 ^ i ui o-r tm\ Additional Information: full citation, abstract, references, citings, index 

Full text available pdT(265.37 KB) — ~ 

terms 

Computer security protocols usually terminate in a computer; however, the human-based 
services which they support usually terminate in a human. The gap between the human 
and the computer creates potential for security problems. We examine this gap, as it is 
manifested in secure Web servers. Felten et al. demonstrated the potential, in 1996, for 
malicious servers to impersonate honest servers. In this paper, we show how malicious 
servers can still do this— and can also forge the existence of an ... 

Keywords: HCISEC, Trust path, Web browser security 



14 Columns: Surfing the net for software engineering notes Q 
^ Mark Doernhoefer 

>S September 2002 ACM SIGSOFT Software Engineering Notes, volume 27 issue 5 
Publisher: ACM Press 

Full text available: ^f|pdf( 1.67 M B) Additional Information: full citation 



15 D eve loping trust in internet commerce 
Ildemaro Araujo, Ivan Araujo 

October 2003 Proceedings of the 2003 conference of the Centre for Advanced Studies 
on Collaborative research CASCON '03 

Publisher: IBM Press 

Full text available: H pjf(14049 KB). Additional ,nformation: McMiion, abstract, references, citings, index 

" terms 

Since the success of Web-based businesses depends essentially on their customers, 
consumers' trust is critical for Internet commerce. This article outlines essential issues 
that may affect customers 1 trust on Web sites or vendors. It also discusses key elements 
that can be used to improve the visitors' sense of trustworthiness on Web sites. 



16 Attacks and cryptanalysis: Pu ppetnet s : misusing web browsers as a distributed Q 
attack infrastructure 

V. T. Lam, S. Antonatos, P. Akritidis, K. G. Anagnostakis 
October 2006 Proceedings of the 13th ACM conference on Computer and 

communications security CCS '06 
Publisher: ACM Press 

Full text available: ^pdf(8 71.35 KB ) Additional Information: full ci tation, abstrac t, references , index terms 

Most of the recent work on Web security focuses on preventing attacks that directly harm 
the browser's host machine and user. In this paper we attempt to quantify the threat of 
browsers being indirectly misused for attacking third parties. Specifically, we look at how 
the existing Web infrastructure (e.g., the languages, protocols, and security policies) can 
be exploited by malicious Web sites to remotely instruct browsers to orchestrate actions 
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including denial of service attacks, ... 

Keywords: distributed attacks, malicious software, web security 

1 7 Multicast s hared virt u a l worlds using VRML97 Q 
John A. Carson, Adrian F. Clark 

February 1999 Proceedings of the fourth symposium on Virtual reality modeling 
language VRML '99 

Publisher: ACM Press 

Full text available: ^| pdfM.34 MB) Additional Information: full citation , references , citings , index terms 




Keywords: IP multicasting, MBone, Virtual Reality Modelling Language (VRML), World 
Wide Web, multi-user virtual reality, shared virtual worlds 



18 Mobile code: Empowering mobile code using expressive security policies 
v*|v V. N. Venkatakrishnan, Ram Peri, R. Sekar 

v September 2002 Proceedings of the 2002 workshop on New security paradigms NSPW 
•02 

Publisher: ACM Press 

Full text available- « pdf(853 33 KB) Additlonal Information: MSMSSL abstract, referen_c.es, dtjngs, index 

terms 

Existing approaches for mobile code security tend to take a conservative view that mobile 
code is inherently risky, and hence focus on confining it. Such confinement is usually 
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